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The invention provides an Internet communication 
system including a computer terminal, for each Internet- 
client, and a number of Internet WWW -servers adapted < 
to be accessed by an Internet-client, said computer 
terminals being adapted for connection to the Internet „ 
and having a WWW-browser and a data modem for 1 , 
respectively accessing, and interfacing with, the WWW- \ 
servers, characterised in that the commumcadcrf system , 
includes security means; for said computer terminals and I 
Internet-servers, to ensure that transactions* ' between a 
WWW-serVer, and an Internet-client tare; secure. Jhc j 
security means including an Internet<lient , server for , 
each computer terminal and means for endorsing each J 
transactions with an electronic signature. The Internet- * 
client server has WWW-furtctionalities and is adapted to - 
link with the data modem and the transaction endorsement 
means. The security means may be adapted to encrypt 
and decrypt the transactions. The transaction endorsement 
means preferably includes a personalised smart card for 
each Internet-client The smart card may be used to 
effect encryption and decryption, as well as providing an 
electronic signature for the transactions. 
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IMPROVEMENTS IN, OR RELATING TO, INTERNET COMMUNICATION 

SYSTEMS 

The invention relates to an Internet communication system, a secure computer 
terminal, an Internet WWW (World Wide Web)-server for said system, and a method 
5 for the secure transmission of information data between an Internet WWW-server 
and a computer terminal. 

The nature, and implementation, of Internet technologies is well known to 
persons skilled in the art and, whilst the Internet can be attributed with a number of 
different qualities, security is not one of these attributes. As a consequence of this, 
10 use of the public network, provided by the Internet, is excluded for a wide range of 
applications, for example, business transactions, where security of information is of 
prime importance. 

There is, therefore, a requirement to be able to maintain security of the data 
traffic as it traverses those sections of the network to which the public*has access. 

15 The Internet is, in essence, a global network of interconnected computer 

terminals, or networks, and comprises a number of separate interconnected networks 
which are owne,d and cqntrQllj^d by ^ nunrit?er of organisations. for example, network 
operators, Internet service and universities. The Wpcid Wide 

Web (WWW), known as the 'Web', provides a relatively simple means of .accessing., 

20 ^and navigating through" th^jnfonliation data provfded by Web sites and, in particular, 
WWW-servers, i.e. computers. WWW-servers can, in effect, be accessedHby; 
computer terminal users having^the necessary authority from Web site operators^- to 

obtain information data, bn any desired topic, stored by the servers. WWW-servers* 

*■* * w * , * ^ 

"respond to requests fbrjftfbrmation data, by sending out 'pages' of text, pictures and 
25 * . other information. The information data, comprising a 'page 1 , are combined arid 
-displayed on the screen 6f a usfer's computer terminal. Web browsers are used to 
allow access to information held on the Web site servers. In. fact. Web-browser 
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software sends out the requests for 'pages' to Web-servers. The universal language 
of the Internet is HyperTextMarkUp Language (HTML) which & & page description 
language used on WWW. The storage of infbHmatiori data bri a V\feb site server, i.e. 
asas-'pages', is effected usihg'HTMLand Wdb site4errtplates. 

It is an dbjiect of the present invention ^provide an internet communication 
system -for effecting sectire transmission of ihfbrmation date between an Internet 
WWW-server and a computer terminal? 

It is another object 'of the pre&erft invention to provide a secure computer 
terminal for use by Internet-clients. 

It is another object of the' present inventibh a secure Internet 

WWW-server for use by In Wrhet-c^ ' 

It is a further object of the present invention to providb a method for the secure 
transmission of information data between an Internet WWW-server and a computer 

.-terminal/ ' : ^ -' r v - r e v -' : '■ " - . ; 

The present invention provides an Internet communication system including 
a computer terminal, for each Infemet-client; and a number of Internet WWW-servers 
adapted to be accessed by an Internet-client, said computer terminals Being adapted 
for connection to the Internet and having a WWW-browser and a data modem for 
respectively accessing, and interfacing with? the WWW-servers, characterised in that 
: the communication system incTiideS security means, for said computer terminals and 
Internet-servers, to ensure : that ''transactions between a WWW-server and an 
Interrtet-client are secure; said security means including an Internet-client server for 
each computer terminal and tfieSns for endorsing' each transactions with an electronic 
signature, and in that said ihtternet-client server has VWN^-functibnalities and is 
adapted to link with said data modem and said transaction endorsement means. The 
security means may be adapted to encrypt and decrypt said transactions. 
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v * T^ e trans 3 cti P n , endorsement means pnay include ; a, perspnalised smart card 
for each Internet client, in which case,^th& computer terminals will each include a 
jsmart pard j-eader i; connected to^a.corpmunication port of a respective computer 
terminal. The encryption and dectyptip^mayJbe effected by-the smart cards. 

. t On the server sid^.pf thp system, the.security^eans may be arranged behind 
each of said Intern^ VVywy-^ to verify said electronic signature. 

The Internet WWW-server s^ur^ encrypt and decrypt 

information. The security means may be arranged behind each of said Internet 
y\AA/W»seiy^rs,gnd usejcgi-sc^ 

The system, of the present invention, may include, for each Internet WWW- 
server. a storage syste^ fpc^tqj^g verified s^ure transitions? « each of said storage 
systems being connected to a ^pectjyje ^ system may 

also include a router for each Internet WWW-serveK said router being adapted to 
connect a respective lote^ne^ VWyyV-server to-the internet. ^ 

The security means may embody conventional WWW-technology, the use of 
such technology making the security function transparent. 

tfj The system may jnclyde .means -for saving ?aid- electronic -signature for 
subsequent use. . ■ - ■• 

■ - . Tne . v P resen V ny ^ 0 ^ a secure computer, terminal for an 

Jnternet-client, said terminal being ajdapted..for connection totfie Internet and having 
a WWVV-brpwser and ,a data modem for respectively accessing, rand interfacing with, 
WVyW-servers on the lnterne^, i c^aractejisjedjn that said. computer terminal includes 
security means for ensuring that tr^sactjons t .c»nducted with a WVWV-server are 
secure. . said security means including, an Internet-client server and means for 
endorsing each transaction with an electronic signature^ and in that said Iritemet- 
client server has VWVW-funrtionalities and is adapted to link with said data modem 
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and said transaction endorsement means. * 

The security means may be adapted to encrypt and decrypt said transactions 
and the transaction endorsement means may include a personalised smart card for 
' a user of said terminal: WitK'this aitangemenit.'the terminal will include a smart card 
5 reader connected to a communication port of the computer terminal. The encryption 
and decryption may be effected by the smart card. 

The security means may embody conventional WWW-technology, the use of 
such technology making the secunty function transparent. 

10 c The' presem mventibn 'further provides' a secure Internet WWW-server, said 

server being adapted to communicate with a secure computer terminal as outlined in 
preceding paragraphs, characterised in that said Internet WWW-server includes 
server sectirrty means to insure ihaf transactions conducted with said computer 
terminal are secure, and in that said'sefver security means are arranged behind said 

15 Internet WWW-server and adapted to verify said electronic signature. The server 
security means which maybe adapted to encrypt and decrypt information and which 
may be arranged behind said WWW-servers as cgi-script and WWW-compatible 
software.' may embody' conventional WWW-technoiogy. The use of conventional 
WWW-technology makes the r server security function transparent. 

20 The present invention further provides, in an Internet communication.,system 

including a computer terminal, for each Internet-client, and a number of Internet 
WWW-servers adapted to be accessed by an Internet-client, said computer terminals 
being adapted for connection to the Internet and having a WWW-browser and a data 
modem for respectively accessing/and interfacing with.' the WWW-servers, a method 

25 for the secure transmission of information data between said Internet WWW-server 
and said computer terminals, characterised by the steps of. 

storing said information data* on an intermediate Internet-client server, local to 
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said computer terminal and, having WVNAA^-functionalities; , 

endorsing said information data with an electrQnic signature; 

transmitting the endorsed inforrp^tipn data to said Internet WWW-server; and 

on receipt of said endorsed information dgta (dv said Internet WWW-server 
verifying the electronic signature. 

The method may include the steps of: 

encrypting said endorsed information data prior to transmission to said Internet 
WWW-server; and 1 . • ' 

on receipt of said encryRted information data by said internet WWW-server 
decrypting the information date. _ 

The method may also include the steps of; ? . c 

encrypting information data prior to transmission from an Internet WWW- 
server to a computer terminal ;_and .. . # , . ... . r . . 

on receipt of encrypted information data^y said computer terminal, decrypting 
the information data. .. .. 

The method may include the step of storing said electronic signature for 
subsequent identification of the originator of a transgctiop. 

The method step of endorsing said information data with an electronic 
signature may be effected using a personalised smart card and the personalised 
smart card may be used to encrypt and decrypt information data. 
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The information data ma/ be in page-form, the language of said page-form 
data may be HTML and the page may comprise either separately, or in any 
combination, text, graphics/pictures, photographs, and fields for entry. of information. 

Furthermore, the page may be linked to other pages on the same, or other, 
Internet WWW-servers. 

When the page is a form having fields for entry of information, the method may 
include the steps of obtained said form from an Internet WWW-s£ryer; completing 
said form by "entering information in said fields; transferring said cojmpleted form to 
said local intermediate server; endorsing said completed form with an electronic 
signature; transmitting the endorsed form from said local intermediate server to said 
Internet WWW-server; and, on receipt of said endorsed form by saicl Internet WWW- 
server, verifying the electronic signature. The endorsed form may be encrypted prior 
to transmission to said Internet WWW-server. 

The form may be obtained from an Internet VNA/WV-seryer, www.xxx.se, and 
rriay, for example] Contains the following text: 

<form method = "post" action = "http://localhost/cgi-win/a_script M > 
' ■ * ' <ihput type * "hidden" name :, da(a*' value = "<data to be signed>"> 
<input type = ; "hidden" name = "Url"vSluie ^"http://U^^ 
<input type = "submit" value = ?Sign"> */form> v' : 



and method may, in these circumstances, . inclydes the;;;steps of producing an 
electronic^ signature on said fprm. ap Vascript" on said local intermediate server 
being uspd,tp <^ffect the .signing -funqtioji; } and returning said, form to said Internet 
WWW-server, said form containing, inter alia; 

<form method = "post" action = M http:/wvww.xxx.se/cgi-bin/any_script M > <input type = "hidden" 
name = "data" value = "<data which has been signed? M > 

<input type = "hidden" naime = "signinfo" value =" <the electronic signature of the data>"> 
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_<input type,? "subngir value = 'Transmit"* .</form> 



The present invention further provides a communication system operating in 
accordance with a method, as claimed outlined in preceding paragraphs, for the 
secure transmission of information data between an Internet WWW-server and an 
Internet-client.' 



The present invention further provides an Internet communication system 
including a secure computer terrftihal, as outlined in preceding paragraphs for each 
Internet-client ancj' a pfurality of internet VWWV-servers, as outlined in precedinq 
paragraphs. 

The foregoing and other features according to the present invention will be 

"u* 1 ** • •. .roc".* bir,2 to fai*oo\ . .-'.r^T/v / .»-V. :-*r \- 

Detter understood from the following description, with reference to the accbmpanyinq 

drawings, in which: 

Figure 1 diagrammatically illustrates part of an Internet communication system 
according to the present invention, including a secure computer terminal for 
use by Internet-clients. 

Figure 2 diagrammatically ilju§trgtf s^anot^r part of an Internet communication 
^ system, accor^ing.to iteipresgnt invention; including a secure Internet WWW- 
server for use by I ntennet-clie'nts. — 



It Will be seen from tfie follriwing^deScriptibn ttiWt ari fhfernet communication 
system, according tci the present ihVentiori, provides a m'bre keciure Arrangement for 
transactions between ah Inferrfei WVWV-server'and an internet-client, i.e. the system 
will facilitate the transmission 1 bf informafcbri data throughout the essentially public 
network of the Internet, without the information data being manipulated. 

Known Internet communication networks include, in essence, a computer 

** *'*>*.... ■-* * it. ' til . » • 
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terminal, for each Internet-client, and a number of Internet WWW-servers adapted 
to be accessed by an Internet-client. The computer terminals are adapted for 
connection to the Internet, lie. have the hecessary software and authority for access 
to the Internet WWW-servers. and having a- \A/WW-browser arid a data modem for 
. respectively' accessing, and -interfacing with/me WWW-serveVs 



ni 



In accordance Awith the present invention; such' a system also includes security 
"' mean s. for the computer terminals rand inteVne^servers. which are adapted to ensure 
that transactions betweerVa WWW-serVer'arid aVi Internet-client are secure. 

: ' As can be-' seen from Figure H of the accompahying drawings, a secure 
computer terminal.;accoraing to tlie present iriVentio f h' includes a computer terminal 
1. for example, a pereonarcomputer; having a modem 2' for connecting the computer 
terminal 1 to a public telephone line and thence to the Internet 3. a security module 
A, • including -ah inteWfetHdient server v 5, , ifor 1 'the computer terminal 1. a unit 6, for 
example, a smart card reader? to prbvide the mea^sfor endorsing each transaction 
with an electronic signature. - 

: The Internet-client server 5 has WWW-functionalities and is adapted to link 
with the data modem 2 and the unit r 6: 1 •' ' '' ;: ' 



> -The 1 da-ta-t.-modem'"2 -"ma^.'Tn^p^acfice; be integral with, or external to, the 
.computer terminal' 1; and : is adapted- to send and receive information data for a range 
:-of applications* including facsimile arid e-ttiaii. In any event, the data modem 2 is 
. 'connected to a communicatibns port' of the computer terminal 1 . 

The required sbftware : for the facsimile and e-mail functions is stored on the 
computer terminal 1 and includes a conventional WWW-browser for obtaining access 
to the Internet. v ' 

Since the Internet is a public network, there is clearly a requirement to be able 
to effect transactions via the Internet in a sec l ure manneOe. the transmission and 
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r rejceipt of .confidential .information data via the^modem^.. In accordance with the 
present .invention,, this is preferably; achieved by the use, of a personal smart card 
whiqh bold§ the personaljand security data qf, the cardrhplderand allows him, or her, 

„ to be identified. Thus,, the/ise of a smart card, in association with a smart card 
reader 6, wilL.enable each transaction to be^ signed; etectFQnically, and, where 
necessary, encrypted in a manner whereby the transaction can be forwarded through 

^different networks without risK of marjipulation-by third parties. In order to be able to 
identify, at a later date, ,.t&£. identity pf the : person who initiated the transaction, the 
electronic signature ,may pe ^gyed^nd recovered ajsi. and when, required. 

t Th^e pcucity fynctipn Qf Jhe t present jnyerHioa:<?ai^ therefore, be effected 
through of ^Qonv^tionaLVy^ for; inter alia, 

. encryption and tt^ . v 

The f smart jcgrd . may^us^as^^^ public cypher 

encryption, fqr eff^ipp^e encoding and 

decoding.- , u > 3 ^ ;r • ;-r 

Thus, in accQrjdanc^^it^ the/>^ transactions can be 

effected on the Internet using th^^epurity module 4 ? and associated ,WWW-server 5. 
The module 4 and WWW-server 5 are, therefore, installed on the computer terminal 
1 for performing the. security fynctijpns referred to above. The WWW-server, forming 
part of the security module 4, is. aAre>rtrpmely small WWW-server, of conventional 
type, which has the fu^jona|ity # to . .sign, ♦ encrypt . and^decrypt . ihformatton data. 
Communication with the §rpart,card reapter 6 is ,handled-by the security functions of 
the module 4 and, to facilitate this, the smart card reader 4 is connected to a 
communications j)prt of the computer terminal 1 . = 

The security module 4 uses conventional WWW-technology and, as a 
consequence of this, the security-application becomes transparent (i.e. because 
WWW-technology is used for both the security module and the remainder of the 
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system) and can be generalised to match many "different services. 

It will be seen from Figure 2 of the accompanying drawings that, on the server 
5 side of the present invention^ security -module 7 is arrahgied behind a WWW-server 
8; and uses cgi-script and conventional s&flwafe programs, as is normally the case 
in connection with the VW\A#. -T is responsible for: 

- ' verification of electronic signatured; ' °' 

- encryption of information; kfid "' - • - - ■ -i 
decryption of information. 

• As shown in Figure 2, 'tl&WVWV-WrVbf 8 is connected to the Internet 3, via 
a router 9, and can. for example, in the case of a bank, be connected to a back-end 
system 10 to which accepted transactions would be transmitted and stored. 

In essence, the WWW will function, under normal circumstances, in the 
following manner: 

, ^ , ' - ; i v - . . v *' ■ , . . . . • t,,- is • . j . • 

a WWW-client. for example. Netscape, contacts (as a result of an action, for 
instance a click with an electronic mouse, by a user of the computer terminal 
1) a WWW-server. somewhere in the world, aria' requests the return of a 
certain "page"', stored oh the WWW-server; : the requested 'page' may consist 
of text, graphics, pictures, photographs, and fields for entry of information, 
etc.. but also of links to 'pages' on the same and/or other Web site servers - 
there may. in fact, be many 'pages' that bring together links to all Web-site 
relating to a particular topic; ahb 

- : when the 'page' consists of a'number of fields for entry of information, i.e. the 

page is a form requiring completion by a recipient, the request, referred to in 
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^ (a) atx>ve r from the qlierit.consists of the completed form; this form is treated 
on the server-side and, as a result, a new page is returned. 

In accordance with the presenU^ made of conventional WWW- 

mechanisms, for^e^ server but, instead of 

transmitting the cpmpleted ; form direqtly back-to the- external server, the form makes 
an 'intermediate landing* on the WWW-server of the local computer terminal 1 , i.e the 
server 5. The server 5 attends t ; o the signing, and possibly, ^Iso encryption, of the 
information, in a manner as outlined above, and, on completion of this process, the 
form, or 'page', is returned to th^ r yywvy-c[ient- The form will not be transmitted to 
the external server until the user requests such transmission. 

As stated above, data which is to be made available on the Internet must be 
transferred and, if necessary, tiransla^ted into J^TML. documents, i.e£the universal 
language of the Internet. Cr , t ri v , > / 

The method used for writing on a HTML-page is outlined below; in relation to 

,the: f _ ^ . t . ; t ^ .. v; _ v , 

recovery of information data from a 'page', or more particularly, from a WWW- 
form; and ^ % - » - 

->*,\ - ' . - v \ ~ * -j -vrl. • ' . '* : • - " - 

; applipatioo of ^n^lectrqriiq signature -to tfie ^formation data to facilitate the 
secure transmission data . through the various public 

^ netvyorks. . r; ? , v . t ... , tf4 y tC 

_ : In ^accordance with the present invent ion,, a srpall local WWW-server 5 is 
installed on the computer terminal !>and the conventional WWW-procedures for 
handling forms are then used, in a manner known to persons skilled in the art, to 
effect the process. In other words, in accordance with normal procedures for forms, 
a cgi-script is called on the local server with data to which an electronic signature is 
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.to be applied, i.e. from i*he server wwwxxx.se comes (as a result of a previous form) 
a 'page' which contains, for example: 

; ' J ■ - <fornvmethod * "post" actfaSh * *1ittp://lo^il^il/ii^a_swipr> 

<input type = "hidden" name = "data" value = "<data to be signed>"> 

; v. ::. T iq P Ut type * " hidder ? v name = Wvalutf -='tittp://www.xxx.seVdgj bin/any_script"> 

<input type = "submit" value = "Sign"></form>. 

"a.scHpt" bri the local server (local host)' making use' of the^igning function to 
produce an electronic signature to the data and then returns a page which, among 
other things, contains: 

■-^form^ethod^^ 

name = "data" value = "<data which has been signed>"> 

<input type = "hidden" name = "signihfb"' value =" <the electronic signature of the data>"> 
<input type = "submit" value = "Transmits </form> 



Since the security function of the present invention is based on conventional 
VVWVy-teQhnology,it is: independent of ^ which brawser is used and which server is 
used. i.e. no interference is necessary either in a browser, or in a server, in respect 
of which the security function is used! - In addition; the security function of the present 
invention is relatively easy to adapt to different levels of security and to new 
technologies. This makes the prese^inveritibn very flexible and cost effective in that 
•t can be readily adapted : td meet specie secunty requirements which may be 
demanded by a user and/or service provider. 

It will.be directly evident from the foregoing that the present invention can be 
.used ,n many applications, where security of information is of prime importance for 
example, to: > - i . - r ' - N v 

perform business transactions, such as. bank transactions, or the purchase 
of goods; 
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. ( !? d . k * te au f J ° rit , y f P[ P e 5to rr nipg,actions, such as, logging on to a system, or 
obtaining access to certain information; .. ,. : > 

. encry PV in ^^^ ion wh '^ n s^f^rbe transmitted over the WWW; and 
, r .. < ? e 9 r YP t information which, has been published encrypted on the WWW. 

In addition, the use of the security function of the, present, invention gives rise 
to the following' advantages: 

use of conventional WWW-technologies; this means that services which are 
developed on this medium are placed on the server-side and. become 
■ ' accessible' tb everybody, without any problems - all logic in the 



service itself is on the server-side; 



no dependence on which browser, or server, is used; 

no interference necessary vyith either the browser, or the seiVer; 

relatively inexpensive; and ■ : - ; j , . r- . I • - 

flexible, in that it can J^e adapted to* meet different levels of security, the use 
of a i smsjrt c^rd representing th^ highest level of security 



The solution to the Internet security problems, presented by the present 
invention, can be effected using all Windows-platforms; (3.x, Win95, NT). However, 
the invention could be adapted, for use,on other platforms, such as, UNIX, or the 
Macintosh-platform, by suitably adjusting the porting arrangements. c 
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CLAIMS ' <:■■■■ , ■ »• ■ i - r:-.-->: 

1 - An Internet communication system- including a computer terminal, for each 
Internet-client, and a number of Internet WWW-servers adapted to be accessed by 
; an~Interriet>clienC said computer terminals being adapted for connection to the 

i Internet and having a WWW-brbwser arid a'daia modem for respectively accessing, 
and interfacings withf^the WVWW-'sen>e^;. ; characterised VthaUrircbmmunication 
system includes security means, for said computer terminals and Internet-servers, to 
ensure that transactions between a WWW-server and an Internet-client are secure, 
■■. said security means including an Tnternetalient server for each computer terminal and 

• - means for endorsing eaaY transactions^ that said 

Internet-client server has WWtV-functidnalities and is adapted to link with said data 
modem and said transaction endorsement means. 

2. A system as dairnea" in claim" 1 , cnaracte'rised'in that said security means are 
adapted to encrypt and decrypt said transactions. 

3. A systehrTas claimed in claim : 1, or claim 2, characterised in that said 
transaction endorsement means includes a personalised smart card for each Internet 
client, and in"-tfiafsaid •compiAer -'te^nals' eachMnclude a Vmart card reader 

*- ; connected to a cortfmuh'ieatibh port of a "respective computer terminal? ' 

4. A system as claimed in claim 3; when~appendeti to claim 2? characterised in 
that said encryption arid decryption iseffected by said smart cards. 

5. ; . > A system as claimed in any one of the preceding ciaims, characterised in that 
said security means are arranged behind each of said Internet WWW-servers and 
are; adapted to verify said electronic signature. 

6 - • A system as claimed in claim 5. characterised in that said Internet WWW- 
server security means are adapted to encrypt and decrypt information: 
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7. A system as claimed in claim 5, or claim 6, characterised in that said security 
means are arranged behind each of said Internet WWW-servers and uses cgi-script 
and vyvwy-compatible software, - X . S| . , • • . ' 

■ -v.- ■ .-. ;v-.' ; f ; -.r.-v-..— -. < r ■<■■< .' 

8 .... A s y stem 9 s cteMij»§dJ in any of claims 5,to 7, <pharacterjsedin that said system 
includes, for each lntepiet : W^VyV r server lV a storage system for storing verified secure 
transactions, eaph i of ; said storage systems-being . connected, to a respective Internet 
WWW-server. . .... . .,. ,.. r r 

- , A system. as clajmed in ( any pfcJaims 5 to 8. characterised.in that.said system 
includes a router for. each, Internet c WWW-server-, said rputer being adapted to 
connect a respective Internet W^/v^seryer to thejnte^ek v. .;. 

10. A system as claimed in any one of the preceding claims, characterised in that 
said security means embody xonyentiojialiVyVvW * ; 

11. A system as claimed in claim 10, characterised in that use of conventional 
. WWW-technology makes.th,e. secuflty fupctjon transparent^. • 

v\-" ; i , A ,syste ; m as claimed in.any r pne of the p^cecjing- claims, characterised in that 
said system includes means. fgtfay^ng said electronic-signature for subsequent use. 

13. A secure ( co^puter.ternjjna.l ,fqr an^ntemet-^lient,' said terminal being adapted 
for connection to the Internet and having, a WWW-browserand aetata modem for 
respectively accessing, and interfacing with. WWW-servers on the Internet, 
characterised, ip that,.^ means for ensuring that 

transactions conducted with, a VyyWVnseryer : are : secure, said -security means 
including an Internet-client server and.meang.fpr, endorsing each transaction with an 
electronic signature, and in that said Internet-client server has WWW-functionalities 
and is adapted. tp link with, said data. modem and said transaction endorsement 
means. ....... • •• » ; •- ; • •• 
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14. A terminal as claimedin claim *T3 /characterised in that said security means 
are adapted to encrypt and' decryj5t saidlrahsactiohs. 

15. A terminal as claimed in claim 13, or claim 14, characterised in that said 
transaction eridbrsemeht meaihs includes a personalised smart card for a user of said 
terminal, and in that said terminal includes a smart card reader, said reader being 

' ' : conri^ed to'a'dbmi^bnic^ton ^rt^fVaid^teriTiinar. 

16. A terminal as claimed in claim 'f^, when appended to claim 14, characterised 
v in that said encryption and decryptibn is effected by said smart card. 

. ( . ■ r- ^ y :\' ^ ■ " xi " . . * - ; * V - X"X.. - o»" 

17. 5 A terminal a% daimeti in any one of claims 13 'to 16, characterised in that said 
security means embody conventional WWW-technology. 

18. A'ietTriinaras'cja^ed in c^im 17/ characterised in that use of conventional 
WWW-fechnofbgy makes the security function transparent. 

1?. ! A secure Internet WvVV^-server said server being adapted to communicate 
with a secure computer terminal as claimed in any one of the claims 13 to 18, 
' characterised in thaf said Internet WWW-server includes server security means to 
ensure that transactions conducted with said computer terminal are secure, and in 
that said server security rrieWis are Arranged behind said Internet WWW-server and 
adapted to verify said electronic signature. 

20:. A WWW-server aV claimed^ in claim 19, characterised in that said server 
security means are adapted to encrypt and decrypt information. 

21 . A WWW-server as claimed in claim 1 9, or claim 20, characterised in that said 
server security means are arranged behind said WWW-servers as cgi-script and 
WWW-compatible software. 
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.22-. , ; ^ WWW-seryer as clairned jn any one of claims^ 9 to 21, characterised in that 
said server security mear^s.embody.cx)nyentionaJ-WVVW-technd 

23. A WWW-server as claimed in claim 22, characterised t in that use of 
conventional. Wv^ transparent. 

24 In an Internet communication system including a computer terminal, for each 
Internet-client, and a number of Internet WWW-servers adapted to be accessed by 
an Internet-client, said computer terminals .being, adapted for connection to the 
Internet and having a ^ WWW-browser and a daja modem for respectively accessing., 
and interfacing with, the WWW-servers. a method for the secure transmission of 
information data between, said .Internet WVWVrservjer and said computer terminals, 
characterised by the steps of: . , 

- storing said information data on.an intermediate, Internet-client server, local to 
said compter terminal v an4^ying W,yyw^fonc1ic^lj|ties;v' ••: '. 

- endorsing said information data with an ele^rqnjc.signature; # 

\ transmitting the endQrsejd infonjiation date to.said.lnternet vyww-server; and 

- on receipt of said endorsed information data by said Internet WWW-server 
verifying the electronic signature. u ^ , . ( . ... . 

25. A method as claimed in cl^im 24,. cbaracterised^ by r the steps, of: . 

encrypting said endorsed information data prior to transmission to said Internet 
WWW-server; and _ v 

■< \, / . » 1. ;:~>'V " "" , ■* 3 * 'i ' . '■ - " 

on receipt of said encrypted information data by said Internet WWW-server, 
decrypting the information date. 
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26. A method as claimed in claim 24. or claim 25pcharacterised by the steps of: 

encrypting information data prior to transmission from an Internet WWW- 
server to a computer terminal; and 

on receipt of encrypted irtformatiori data by said computer terminal, decrypting 
the information data. 

27. A method as claimed in any brie of trie claims' 24 to 26, characterised by the 
step of storing said electronic signature for subsequent identification of the originator 
of a transaction:' •'•■• -.•'■•'.•wv ?••■>. oi.--.. p<? ■- ■■>■■■: z •»-: r_- "; 

28. A-methdd •as ; Cla1me^1h¥ny v brfe'of-ciaYms 24 to 27. characterised in that the 
step of endorsing said information data with an electronic signature is effected using 

:• >a personalised smart card ::i ; '- !c: ' 7 - * - ~ * ! ' ^ • 

29. A method as? claimed •in' , c!a1m'^/c^aracterised in that said personalised smart 
card is used to encrypt and decrypt information data. 

< ; ■■■■ t \~z ,-> ■ • ! !-•.••..;• j - i>>n .,;''i *-• •• ■ 

30. A method as claimed in any one of the claims 24 to 29. characterised in that 
said information data is in page-form, the language of said page-form data being 

: v, HTML: • / * • : •: : • v .• - — - c; ? ■ 

31 A method as claimed in claim 30. characterised in that said page consist of any 
„ one, or more, of the following; • '"'•'•'' ^ ' ; "' ~ 

text; 

•- . 'graphics;- v •"' *' - '• '' ''<'*•' . 

pictures; 
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- : photographs; and Vl : r \ : { • ^ 
fields for entry of information. ^ . . - 

32. A method as claimed in claim 30, characterised in that said page is linked to 
s other phages on the same, or ot^r, Internet, .WWW-servers. 



33. A method as claimed in claim 31, characterised in that said page is a form 
having fields for entry of jofom^t|on, and in that the method includes the steps of: 

obtained said form from an Internet WWW-seryer;/ r 

- r completing sai^fornri by .entering ipfprmation^rhsaid, fields; 

transferring said completed form to said local jQtemriediate server; 

- ^ pncjor^ipgj said.pompjeted form; with ;ajrv-relectr:oniq signature; 

transmitting the endorsed form from said local intermediate server to said 
Internet WWW-seryer; and - tli - ... :y / /. 

on receipt of said endorsed form by said Internet WWW-server; verifying the 
electronic signature. 

34. A method as claimed in claim 33, characterised in that said endorsed form is 
encrypted prior to transmission to said Internet WWW-server. 

35. A method as claimed in claim 33. or claim 34 ( characterised in that said form 
is obtained from an Internet WWW-server, www.xxx.se, and contains the following 
text: 
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<form method = "post" action = ,, http://localhost/cgi-win/a_script ,l > 

<input type = "hidden" name = "data" value = "<data to be signed>"> 

<input type = "hidden" name = "url" value - "http://www.xxx.se/cgi bin/any_script"> 

<input type = "submit" value = "Sign"> </form> 

5 and in that said method includes the steps of; 

producing an electronic signature on said form, an "adscript" on said local 
intermediate server being used to effect the signing function; and 

returning said form to saitflnternet WWW-server, said form containing, inter 
alia: ;•; ; ; 

10 <form method = "post" action C1^^^ <input type = "hidden" 

name = "data" value 4 "rfdata which has been signed>"> ■ * . 

<ihput type = "hidden" name = "signinfo" value =" <\hp electronic signature of the data>"> 
<friput type = "submit" value = "Transmits </form> 

\ \ 

36. A communication system operating in accordance with a method, as claimed 
15 in any one of the claims 24 to 35, for the secure transmission of information data 

between an Internet WWW-server and an internet-client. 

■ y ^ 

37. An internet communications system including a secure computer terminal, as 
claimed in any of claims 13 to 18, for each Internet-client, and a plurality of Internet 
WWW-^servers, as claimed in any of claims 19 to 23. 

20 
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